Most broadband Internet Service Providers, ISPs, supply access to their Internet access network through the use of a Cable modem, DSL modem, or Wireless modem. The majority of subscribers to these services typically utilize a router incorporating Network Address Translation (NAT) as a firewall and also as a means to permit multiple personal computers (PC)s in the residence to utilize simultaneous access to the Internet.
Many of the routers are wireless routers permitting residential PCs to access the Internet through either a wired or wireless (Wi-Fi) connection to the router.
The ISP can utilize existing network devices that can observe the activity occurring at the subscriber modem at the Internet Protocol (IP) level. However, according to Internet Protocol and the design of NAT routers, the activity observed at the modem appears to originate at a single IP device, the NAT router, and evidence of the number of real workstations that are active behind the NAT router, and even cascaded NAT routers, is hidden.
ISPs typically have Terms of Service and agreements in the contracts with the subscriber that prohibits the subscriber from extending the Internet access beyond the boundaries of the residential premises. However, inexpensive, off-the-shelf NAT routers can be interconnected and cascaded by simple wired and wireless connections in an arbitrary tree-and-branch topology that provides full, unhindered Internet access to all participants. This simple extensibility, the very high speeds now offered by ISPs, and the easily-hidden installation of the interconnections make it difficult to detect where service re-distribution is occurring. In addition, the widely used Wi-Fi wireless routers are frequently installed with the default configuration that provides free, unhindered access to all within the umbrella of the signal, often extending throughout an entire multi-tenant building or buildings. Problems with this situation include theft-of-service resulting in lost revenue to the ISP as well as dissatisfied subscribers whose performance is being compromised by unknown parasitic users causing support problems.
What is required, is a system, method and computer readable medium that is capable of determining the presence of multiple users on a single subscriber account.